/**
 * CURL SSRF Example
 *
 * @author Feei <wufeifei@wufeifei.com>
 * @link   http://wufeifei.com/ssrf
 */
function callback(){  
    /*
     * 此处$callback_url取外部入参
     * 则直接判定为存在风险
     */
    $callback_url = $_GET['url'];
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $callback_url);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_exec($ch);
    curl_close($ch);
}